replacing sendmail with qmail
Peter Pentchev
roam at ringlet.net
Fri Jun 27 01:35:01 PDT 2003
On Fri, Jun 27, 2003 at 09:39:36AM +0200, Soeren Straarup wrote:
>
> Well my point is that every one (that is interrested in security) knows
> that Sendmail and bind and so on have their exploits..
>
> And I like that they are the one that is comming with some more or less
> insecure services, this is due to that it really gives ppl the freedom
> choose the services that they want to use. But the generic ones works for
> home networks with no external access too.
>
> Freedom of religion.
>
> Well with freedom comes responsibility.
And this responsibility is handled excellently by the FreeBSD Security
Officer team and the FreeBSD sendmail maintainer, George Shapiro.
I don't think that there would be a better way to handle the existing
and published Sendmail vulnerabilities than the current practice of
timely patches and updates to both -current, -stable, *and* the various
security branches, so that everyone tracking the security advisories is
aware of the need to update, and update *now*, as soon as there is
actually something to update to. Great job, folks!
With that said, you could always do what I do and cut your own releases
with appropriate NO_* knobs in make.conf ;) This is *not* to say that I
don't trust the security officer team and the maintainers of the various
pieces of contributed software that I exclude from my own builds; it's
just a matter of personal preference.
Here's hoping this is the last post in this thread :) (The last word?
Me? Naah, that's just lack of morning coffee getting to you :P )
G'luck,
Peter
--
Peter Pentchev roam at ringlet.net roam at sbnd.net roam at FreeBSD.org
PGP key: http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553
This sentence was in the past tense.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-hackers/attachments/20030627/ebc113b5/attachment.bin
More information about the freebsd-hackers
mailing list